Kaspersky Lab’s APT review of 2018: the most active groups, the top targets

Kaspersky Lab experts will present their annual, exclusive review of advanced persistent threat activity across the world in 2018, based on the company’s threat intelligence research throughout the year. These findings provide the foundations for the threat actor predictions published on November 20 and provide an invaluable insight into how APTs are evolving over time.

Kaspersky Lab is hosting a live online business webinar from Singapore as part of its global Security Analyst Summit 2019.

The summit will feature a presentation by Amin Hasbini, a top security researcher in Kaspersky Lab’s elite Global Research and Analysis Team, on the threats and threat actors that are likely to target enterprises in 2019 and beyond.

This will be followed by a panel debate that will consider how the rapidly evolving cyberthreat landscape, new technologies such as AI, and geopolitical change will affect enterprises across all business sectors in an increasingly ultra-connected world.

Panelists will include Simon Giff, Vice President, APAC Security Practice at IDC, Alex Moiseev, CBO at Kaspersky Lab and other top security leaders.

Our webinar is dedicated to the recent release of CyberTrace, our threat intelligence fusion and analysis tool. During the event, you will learn how to:
• Define key criteria when choosing threat intelligence sources
• Determine if the specific feed is relevant for your organization
• Overcome the challenges of integrating threat intelligence feeds with SIEM:
- SIEM systems are unable to digest millions of threat indicators
- Integrating threat intelligence feeds with SIEM is time-consuming and resource-hungry
- Before matching observables against threat intelligence feeds, the SIEM or TIP must expose the obfuscation techniques that threats use to hide malicious activity in logs. It usually doesn’t do this, which reduces the efficiency of the feeds
• Reduce false positive rates through whitelisting and filtering of the feeds
• Effectively leverage threat intelligence if you don’t have SIEM
• Distill and prioritize sweeping amounts of security alerts and identify alerts that should be escalated to IR teams using Kaspersky Threat Data Feeds and their context.

The webinar will be helpful for those who wish to know more about current ICS cyberthreats.

The webinar’s speaker Kirill Kruglov, senior security researcher at Kaspersky Lab ICS CERT, will talk about major threats relevant to industrial control systems that Kaspersky Lab ICS CERT identified in H2 2018. In addition to discussing general statistics on malicious attacks that were detected and prevented by Kaspersky Lab products on industrial computers globally, he will offer a deeper dive into the attacks we saw, TTPs used by attackers, and root cause analysis of major security weaknesses we discovered. In addition, Kirill will discuss the methodology used to collect and analyze the data, which will help the webinar participants to better understand what these figures mean.

Do your employees enjoy security training? Right, no one does. Meanwhile, 80% of cyberincidents are caused by human error. Cybersecurity is seen as an imposition, a limitation on personal freedom, while it is a critical risk for organizations. Employees' business goals and security objectives often appear to be contradictory. The right approach to developing cybersecurity awareness can solve this dilemma.
Learn more about modern e-learning technologies and behavioral psychology that help achieve both targets with Adam Filler, co-author of gamified training products and a master trainer of Kaspersky Security Awareness.

From this webinar you will learn:
- How to fight people’s misconceptions about cybersecurity
- How to engage people and ensure training effectiveness
- New technologies that help to deal with challenges a training manager usually faces

EDR technology has been an unceasing topic of conversation over the past 3 or 4 years. Meanwhile, we at Kaspersky Lab have become aware, in our interactions with enterprise organizations, of serious levels of overall dissatisfaction with the outcomes of investment in EDR. Let's try now to understand the main reasons for this, while looking at typical use cases and key enterprise scenarios. The webinar will cover:
• Drivers of EDR implementation
• EDR vs Next Generation EPP vs Advanced EPP
• Key benefits and advantages
• Use cases of EDR functionality: Integrated Endpoint Protection, Augmentation of the Incident Response process, Automation of the anti-APT solution reaction phase
• EDR project business justification

Underground cybercriminal fora and marketplaces have a lot to hide – from recent trends to upcoming prospects, from leaked vulnerabilities to the newest financial malware samples. Sergey Lozhkin, security researcher at Kaspersky Lab, will show you what can be found there. Join the talk and learn what can be done with the help of proper underground threat intelligence – and how it could help your business before any attack takes place.

Mobile malware has become one of the fastest growing segments of the global cybersecurity threat landscape, with dynamic changes and significant developments happening all the time. Victor Chebyshev, security researcher at Kaspersky Lab, has researched this topic extensively and is author of its Mobile Malware Evolution 2018 report. During the past year, Victor has been observing trends, processes and the entire phenomenon that is the mobile malware market.

In this webinar, Victor will recap the most significant trends found in the mobile malware industry in 2018. He will also identify which trends are gaining popularity and which are dying, along with why. Victor will also explore the overall picture of the mobile threat landscape, explain how cybercriminals are performing large-scale cyberattacks on users, and share his predictions for what mobile threat actors could have planned in 2019.

Nearly 1.5 million dollars. That’s how much an average data breach in the cloud costs enterprises, according to the Global IT Security Risks Survey 2018.

Second only to targeted attacks, breaches affecting IaaS are among the most costly faced by businesses today. But what can be done about this? Apparently, investing more in protection is only part of the solution, as businesses are already allocating a greater share of their IT budgets to security…

During the webinar, Maxim Frolov, VP Global Sales, Kaspersky Lab, presents key findings from the company’s latest report On the Money: Growing IT Security Budgets to Protect Digital Transformation Initiatives. Maxim, along with special guest Jim Reavis, Co-founder and CEO, Cloud Security Alliance, will discuss the potential damage and the main risks associated with cloud breaches, as well as what businesses can do to protect themselves.

Webinar attendees get the latest insights on the dynamics of corporate security incidents and IT security budgets. They will learn what financial, organizational and technological decisions should be made to protect businesses from the threat of cloud infrastructure breaches.

Within just a three-month period, Kaspersky Lab technologies automatically detected a unique occurrence of three zero-day exploits in the wild. All of them were found in APT attacks in the Middle East and Asia.
Attacks that exploit zero-day vulnerabilities continue to be among the most dangerous, as they involve the exploitation of an undiscovered and unfixed weakness. This also makes them particularly difficult to detect and prevent. If such a vulnerability is found by criminals first, it can be used to create an exploit – a special malicious program that will have open access to an entire system. This “hidden threat” attack scenario is widely used by sophisticated actors in APT attacks and was used in all three of these incidents.
Security researcher Anton Ivanov is head of the team of researchers that, in collaboration with Kaspersky Lab GReAT, disclosed zero-day vulnerabilities in Microsoft Windows OS following detection of the exploits by Kaspersky Lab mechanisms. In this webinar, Anton will share the details of the work done by his team on the following zero-day vulnerabilities:
• CVE-2018-8453
• CVE-2018-8589
• CVE-2018-8611
Anton will elaborate on the technologies that made it possible to detect these exploits and discuss the process of searching and finding such vulnerabilities – including both technical and ethical (such as responsible disclosure) aspects.

The connected world needs a strong, resilient cyberspace, but the landscape is increasingly fragile and fragmented. At this summit, hosted by Kaspersky Lab, leaders from across the cybersecurity industry will debate the growing need for transparency, collaboration and trust in addressing these challenges and more.

Containers are rapidly gaining in popularity, with more and more companies using them for production. But this situation also attracts cyberattackers. Join our webinar to find out more about the key security issues arising from using containers in production, and how their resolution can fit into your entire hybrid cloud protection strategy.

Replay: Kaspersky Lab is hosting a digital panel, bringing together cybersecurity executives and experts, to discuss the challenges that Chief Information Security Officers are facing after 86% revealed they believe cyber breaches are inevitable in a global survey.

More than a third of CISOs say they struggle to secure required budgets when they cannot guarantee security, but how can they persuade the board to offer them more resources? This summit will cover how CISOs can manage limited resources – such as internal talent and budgets – to effectively protect increasingly digital businesses, as well as the importance of collaborating with other departments and company boards to keep up with the ever-evolving cyberthreat landscape.

In the digital world, effective information security is now a key business success factor. As attackers find new ways to attack digital assets, the ability of the organization to maintain continuity, and the security of the information circulating in it, may be called into question. New attack methods and threat vectors require fundamentally new approaches to corporate protection.

As part of the World Cyber Security Congress in London on March 27, Kaspersky Lab was conducting a seminar exploring ways to solve the problem of protection in the digital world, where the risks are so high, and where the only sure defense lies in a comprehensive security approach.

Join us there to:

• Find out about the threats organizations like yours are currently facing

• Learn how to build reliable protection in the era of digital transformation

• See how a leading-edge global corporation has built its security on proven technologies

• Put your questions to our experts

During the seminar, our Principal Security Researcher in the Global Research and Analysis Team David Emm will talk about contemporary threats in ‘The Top Cyber-threats Facing Your Digital Business’.

Kaspersky Lab has brought together cybersecurity experts to discuss the challenges faced by Chief Information Security Officers. A global survey recently revealed that 86% believe cyber breaches are inevitable – so what can they do to defend their organizations?

More than a third of CISOs say they struggle to secure required budgets when they cannot guarantee security, but how can they persuade the board to offer them more resources? This digital panel covers how CISOs can manage limited resources – such as internal talent and budgets – to effectively protect increasingly digital businesses. The panel also discusses the importance of collaborating with other departments and company boards to keep up with the ever-evolving cyberthreat landscape.

Denis Legezo, senior security researcher at Kaspersky Lab Global Research and Analysis Team

Kaspersky Lab Global Research and Analysis Team has recently detected multiple attempts to infect foreign diplomatic entities in Iran with homebrew spyware that contains an updated version of the Remexi backdoor. What do we know about this malware? What does it mean for the threat landscape? And is there a link between the spyware and the Chafer group, which has previously been known as a local threat actor in Iran?

The report on the new detection of the Remexi backdoor is available here: https://kas.pr/fou5

Vicente Diaz and Costin Raiu, security researchers in Kaspersky Lab’s Global Research and Analysis Team

Kaspersky Lab experts will present their annual, exclusive review of advanced persistent threat activity across the world in 2018, based on the company’s threat intelligence research throughout the year. These findings provide the foundations for the threat actor predictions published on November 20 and provide an invaluable insight into how APTs are evolving over time.

The cloud offers significant benefits for business, including flexibility and efficiency, but cloud migration has its challenges when it comes to security. Juggling multiple virtualized environments, keeping track of disparate security policies and dealing with containerization issues can turn your cloud journey into a nightmare. Join us to find out more about these potential complications – and how you can avoid them.

Top-notch cybersecurity and protection technology experts share their knowledge on how to mitigate the most dangerous cyberthreats that any organization may face. Contact us at https://www.kaspersky.com/about/contact